This content is part of the Essential Guide: Understanding endpoint security products, features and vendors
What is endpoint security? What benefits does it offer?

The increased number of smartphones, laptops and other endpoints in the enterprise is a major security concern. Learn what endpoint security is and how it can help combat your enterprise security woes.

Most organizations today are facing a rapid increase in the number of client devices -- endpoints like desktops, laptops, smartphones and tablets. An employee may have three or four endpoints that have been issued by the organization, as well as one or more personal devices. Multiply these by the number of users in your organization and the sheer volume of endpoints IT must manage becomes overwhelming.

Each endpoint in your organization represents multiple attack vectors against the organization's systems, networks and, most importantly, sensitive data. Organizations are increasingly focused on safeguarding their sensitive data, such as customer databases, patient health records and financial information. At the same time, users are demanding increased access to this sensitive data from their organization-issued and personally owned endpoints.

It's become even more important for organizations to protect endpoints that access their network against numerous daily threats. A single data breach on an endpoint -- anything from a malware infection on a laptop to a lost smartphone holding a sensitive database -- can cost an organization millions of dollars and seriously damage its reputation. According to a Ponemon study, the average cost of a U.S. data breach in 2014 was $12.7 million; in 2012 it was $5.4 million.

To prevent such incidents from occurring, composite software suites known as endpoint protection software have been developed. These suites use a combination of prevention and detection techniques to identify malicious activity and treat it accordingly by blocking malicious network traffic or preventing malicious software from being executed. Endpoint protection software is also used to identify known vulnerabilities in endpoints, such as incorrect security configuration settings and missing patches for operating systems and applications.

Many of the technologies bundled within endpoint protection software have been available for many years as standalone products or in loosely bundled product suites. Examples include antimalware software, host-based firewalls (also known as personal firewalls) and host-based intrusion detection/intrusion prevention software. What makes endpoint protection software different from standalone products or loose bundles is that the endpoint protection software's components are fully integrated into a single product, with a single interface and management capability. Ideally, all the parts of endpoint protection software work together seamlessly. This creates a solution that's superior to using separate standalone products or loosely bundled product suites, and attempting to integrate the individual components after the fact.

The capabilities most often provided by endpoint protection software include:

Most endpoint protection software offers several, but not all, of these capabilities. However, products are rapidly evolving to cover all these capabilities, and their vendors are preparing to add the next generation of security capabilities to these products in the future.

About the author:
Karen Scarfone is senior cybersecurity engineer at Tapestry Technologies Inc. and the principal consultant for Scarfone Cybersecurity in Clifton, Va. She provides cybersecurity publication consulting services, specializing in network and system security guidelines. Scarfone was formerly a senior computer scientist for the National Institute of Standards and Technology (NIST), where she oversaw the development of system and network security publications for federal civilian agencies and the public.

What features does your enterprise require from its endpoint security products?
My business requires our endpoint security products have advanced malware protocols and tools that fight against harmful targeted attacks. Many of the sub-features that we require are Command & Control Block, behavior monitoring and vulnerability protection. These are absolute musts for our endpoint security systems and what we look for when investigating new platforms and tech. Our business demands a high degree of absolute security and these features help to ensure that for the business.